Stibo Systems - The Master Data Management Company

How Master Data Management Supports Data Security

 |
June 07 2018 |
3 minute read

Data is a powerful business enabler. You can use it to improve customer engagement, reduce time to market and increase sales—that is, if you get it into the hands of the right people, when and where they need it.

Unfortunately, we all know that data can easily fall into the hands of the wrong people. With a data-driven business environment comes an increased risk of data breaches, cyber attacks, phishing and more. If your data is fragmented and being distributed across many different systems and applications, the risk only increases.

Effective data management can help keep your data out of reach from anyone not authorized to view, edit or compromise it in any way, making it easier for you to manage data security and data control.

Here is how Master Data Management supports your data security efforts.

MDM and Data Security


Know what data to secure

One of the first steps to securing data is to cleanse it so that you’re working with accurate and up-to-date information, and thus protecting the right data. Master data management helps you eliminate duplications and lets you manage your data from one central repository, making sure that any record created or updated in each of your contributing ERP, CRM or e-commerce systems is reflected in the central repository.

Security of data from siloed data systems is a challenge for many organizations because of its dispersed nature and inconsistent security regulation. And, because of this, the threat of a security breach is much higher.

  • 69% of healthcare organizations believe they’re at greater risk of a data breach than other industries, according to Ponemon Institutes.
  • The UK suffered as many as 40 reported data breaches in the first half of 2017, losing more than 28 million data records to hackers, with the worst affected including government, tech firms and healthcare organizations, particularly NHS trusts, according to Gemalto.

If you work in an industry where security and privacy are paramount, such as healthcare or financial services, you need to 1) know where your data is, and 2) ensure your attributes can’t be accessed.

Secure transparent business processes and workflows

With master data management in place, business users can view dashboards that report on the data cleanliness of each source system that contributes into the master data management hub, and you can introduce companywide data security practices. Here, master data management can support you with security aspects such as:

  • User authentication, ensuring information is only accessed by correct (and approved) individuals, groups or applications.
  • User authorisation, enabling you to implement role-based access by only allowing those with specific, granted privileges to gain access to certain data.
  • Access logs, providing an audit trail and time stamps to let you see who has requested, accessed, created and updated certain records. Alerts can be triggered with rule-based processes and workflows to flag insecure actions or areas that need scrutiny.

There are also solutions that let you encrypt certain areas of data, so users are prompted for a password before they can view it. And, a log can be kept of each data access to provide an even higher level of security for these attributes. 

You can even define your levels of encryption depending on whether the data is at rest or in transit.
Encryption at rest protects your data from a system compromise or data extraction to another computer, while it is stored, while an encryption in transit protects your data if communications are intercepted while data moves between your site and another system.

Do not let data security slow down your processes

The problem with tight security is that it can delay your users from reaching the data they require to do their work. Currently, do your users need to put in a request to gain access to certain data? And, does it take far too long for the relevant people to grant approval?

Master Data Management platforms can help you overcome this because they allow you to implement role-based security policies. These can relate to data subsets and be defined through custom-built data workflows.

You can define group and user level access rights to any data object type. You can also apply rules to restrict actions on specific areas of data. This makes it easier to define precise privilege and access rules that are not too restrictive but still provide an acceptable level of security.

Align your security processes with data governance

Data security management should go hand in hand with your data governance policies. Why? Because your organization’s governance structure should cover the management of your data assets as well as the security access you give users.

Are the security parameters you set for your users in line with the regulatory compliance rules that apply to your data assets? You may not only have thousands of users on an internal network; you may also deal directly on the public Internet.

Therefore, it’s crucial to ensure that no vulnerabilities can be exploited by external parties trying to gain access to your data. This means taking a proactive approach to data management to help build a more secure environment for the future.

how to develop clear data governance policies and processes for your mdm implementation


Topics: 
Master Data Management Blog by Stibo Systems logo

Martin Samuel Nielsen is the Chief Information Security Officer (CISO) at Stibo Systems. Martin, who has worked with information security in some of Northern Europe’s biggest companies, including Vestas and Velux, has a great passion for making data protection and information security an integral part of the daily business processes. He holds several personal information security certifications, such as CISA, ESL, CISSP, CISM and CRISC. Martin is also the leading force behind Stibo Systems’ ISO/IEC 27001:2013 certification, the international standard outlining best practices for information security management.



← Previous Post
Next Post →